← Back to malware index
CVE-2018-8440 ALPC LPE PoC (SandboxEscaper)
Attributions are based on open-source threat reports. A family appearing here means at least one syscall record cites it; absence does not imply non-use.
3 syscalls cited
- NtAlpcCreatePort
Creates a server-side ALPC connection port that clients can reach with NtAlpcConnectPort.
- NtAlpcConnectPort
Establishes a client ALPC connection to a named server port and exchanges an initial message.
- NtAlpcSendWaitReceivePort
Sends an ALPC message on a port and optionally waits for a reply or the next inbound message.